blob: b417714f8fd1644fa8545451c9d3acaa18441ee9 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
|
This test data was produced by creating a self-signed EC cert using OpenSSL,
and then extracting the relevant fields.
It uses ECDSA with curve secp384r1 an SHA-256.
(1) Generate self-signed certificate
openssl ecparam -out ec_key.pem -name secp384r1 -genkey
openssl req -new -key ec_key.pem -x509 -nodes -days 365 -out cert.pem
(2) Extract public key
openssl x509 -in cert.pem -pubkey -noout > pubkey.pem
cat pubkey.pem
(3) Extract signed data (tbsCertificate)
openssl asn1parse -in cert.pem -out tbs -noout -strparse 4
base64 tbs
(4) Extract signature algorithm
# Find the offset of the signature algorithm near the end (496 in this case)
openssl asn1parse -in cert.pem
openssl asn1parse -in cert.pem -out alg -noout -strparse 496
base64 alg
(5) Extract the signature
# Find the final offset of BIT STRING (508 in this case)
openssl asn1parse -in cert.pem
openssl asn1parse -in cert.pem -out sig -noout -strparse 508
base64 sig
$ openssl asn1parse -i < [PUBLIC KEY]
0:d=0 hl=2 l= 118 cons: SEQUENCE
2:d=1 hl=2 l= 16 cons: SEQUENCE
4:d=2 hl=2 l= 7 prim: OBJECT :id-ecPublicKey
13:d=2 hl=2 l= 5 prim: OBJECT :secp384r1
20:d=1 hl=2 l= 98 prim: BIT STRING
-----BEGIN PUBLIC KEY-----
MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEXFhBi+WKXuxeK9yCbC9jqEchwjCNsQ4RXAsJ07oHZ+Q
qz55cNIY5BAhcQ0QYY5jv9BimGL9SuhUuOSuS3Pn9rrsIFGcFsihy4kDr8rq5+7RbN8bV057gW5
emYjLtvDsQ
-----END PUBLIC KEY-----
$ openssl asn1parse -i < [ALGORITHM]
0:d=0 hl=2 l= 10 cons: SEQUENCE
2:d=1 hl=2 l= 8 prim: OBJECT :ecdsa-with-SHA256
-----BEGIN ALGORITHM-----
MAoGCCqGSM49BAMC
-----END ALGORITHM-----
-----BEGIN DATA-----
MIIB6KADAgECAgkAtUVxft6/Vc0wCgYIKoZIzj0EAwIwbzELMAkGA1UEBhMCQVUxEzARBgNVBAg
MClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEMMAoGA1UEAw
wDYWhhMRowGAYJKoZIhvcNAQkBFgtzdXBAZm9vLmNvbTAeFw0xNTA3MDIwMDM4MTRaFw0xNjA3M
DEwMDM4MTRaMG8xCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJ
bnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxDDAKBgNVBAMMA2FoYTEaMBgGCSqGSIb3DQEJARYLc3V
wQGZvby5jb20wdjAQBgcqhkjOPQIBBgUrgQQAIgNiAARcWEGL5Ype7F4r3IJsL2OoRyHCMI2xDh
FcCwnTugdn5CrPnlw0hjkECFxDRBhjmO/0GKYYv1K6FS45K5Lc+f2uuwgUZwWyKHLiQOvyurn7t
Fs3xtXTnuBbl6ZiMu28OxCjUDBOMB0GA1UdDgQWBBR6nDgtPalG2JvSlWzdGRCi/Cu7NjAfBgNV
HSMEGDAWgBR6nDgtPalG2JvSlWzdGRCi/Cu7NjAMBgNVHRMEBTADAQH/
-----END DATA-----
$ openssl asn1parse -i < [SIGNATURE]
0:d=0 hl=2 l= 105 prim: BIT STRING
-----BEGIN SIGNATURE-----
A2kAMGYCMQCDwMSZVJZ8qThiNTV7VX57m8fdNnNS6cXIjRYoh4SozlYWmWGh87nhmJJCeD16jVM
CMQDkroAY8oNi8RxLUor+LozhhVgu24tu6lcp4MP8H3Zy8bBea5HerAd1AqJp3Ox7KDU=
-----END SIGNATURE-----
|
